need help with cookies
Posted: Wed Nov 28, 2012 1:44 pm
in my webiste i am just using sessions to log the users on, so when the browser closes the user gets logged out.
now i want to add cookies but i am not sure how. I created a remember me checkbox in the form so when the user clicks that it should create the cookie.
here is my code for sigining into the website:
i also have a userbar that is displayed on every page with links to sign in or create an account:
now i want to add cookies but i am not sure how. I created a remember me checkbox in the form so when the user clicks that it should create the cookie.
here is my code for sigining into the website:
Code: Select all
echo '<h3>Sign in</h3><br />';
//first, check if the user is already signed in
if(isset($_SESSION['signed_in']) && $_SESSION['signed_in'] == true)
{
echo 'You are already signed in, you can <a href="signout.php">sign out</a> if you want.';
}
else
{
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
//the form hasn't been posted yet, display it
echo '<form method="post" action="">
Enter Username: <input type="text" name="userName" /><br />
Enter Password: <input type="password" name="userPassword"><br /><br/>
<input type="checkbox" name="remember" value="1">Remember Me <br /><br/>
<input type="submit" value="Sign in" />
</form>';
}
else
{
$errors = array(); // declare the array for the errors
if(!isset($_POST['userName']))
{
$errors[] = 'The username field must not be empty.';
}
if(!isset($_POST['userPassword']))
{
$errors[] = 'The password field must not be empty.';
}
if(!empty($errors))
{
echo 'A couple of fields are not filled in correctly<br /><br />';
echo '<ul>';
foreach($errors as $key => $value) //check array
{
echo '<li>' . $value . '</li>'; //make error list
}
echo '</ul>';
}
else
{
//mysql_real_escape_string is to keep the data save
//the sha1 function hashes the password
$sql = "SELECT
userID,
userName,
userLevel
FROM
users
WHERE
userName = '" . mysql_real_escape_string($_POST['userName']) . "'
AND
userPassword = '" . sha1($_POST['userPassword']) . "'";
$result = mysql_query($sql);
if(!$result)
{
echo 'Something went wrong while signing in. Please try again later.';
//echo mysql_error();
}
else
{
//the query returned an empty result so the data was wrong
if(mysql_num_rows($result) == 0)
{
echo 'You have supplied a wrong user/password combination. <a href="signin.php">Please try again</a>.</br>';
}
else
{
//sign in successful
$_SESSION['signed_in'] = true;
while($row = mysql_fetch_assoc($result))
{
$_SESSION['userID'] = $row['userID'];
$_SESSION['userName'] = $row['userName'];
$_SESSION['userLevel'] = $row['userLevel'];
//}
//if($_SESSION['userLevel'] == 1 || $_SESSION['userLevel'] == 0) //can only sign in if they are admin or normal user
//{
echo 'Welcome, ' . $_SESSION['userName'] . '. <br /><a href="index.php">Return to home page</a>.<br/>';
echo '<meta http-equiv="Refresh" content="2;url=index.php" />';
}
}
}
}
}
}Code: Select all
session_start();
if(isset($_SESSION['signed_in']) == true)
{
echo 'Hello <b>' . ($_SESSION['userName']) . '</b>. <a href="signout.php">Sign out</a>';
}
else
{
echo '<a href="signin.php">Sign in</a> or <a href="signup.php">create account</a>';
}